Ransomware Industry

CRH08 Why Domain Tiering is Critical to Prevent Ransomware

11/20/2025

2:30pm - 3:45pm

Level: Introductory to Intermediate

Sami Laiho

Chief Research Officer

Adminize

If attackers move laterally, your defenses should be vertical.

Ransomware doesn't break in—it logs in. Once inside, it moves fast and sideways, exploiting over-permissioned accounts and flat networks to take down everything in its path. In this essential session, Sami Laiho explains why Active Directory tiering is one of the most powerful, yet underused, defenses against ransomware.

You’ll learn how to design and implement a Tier 0–1–2 model that isolates critical assets, contains lateral movement, and limits blast radius. Through real-world examples and hard-earned lessons from breached environments, Sami shows you how tiering not only protects Domain Controllers—but your entire business.

If you care about ransomware resilience, this is the architectural change you can’t afford to ignore.

You will learn:

  • About the concept and purpose of Active Directory tiering and its role in protecting privileged credentials and core infrastructure.
  • How ransomware spreads laterally—and how tiering stops it by limiting privilege escalation paths.
  • Practical guidance to implement and enforce a tiered admin model across servers, workstations, and accounts without disrupting operations.